Community discussions

MikroTik App
 
User avatar
Techsystem
Member
Member
Topic Author
Posts: 337
Joined: Tue Dec 21, 2021 5:12 am

IPsec policy in default router setting

Sun Sep 04, 2022 9:55 am

hello for all my friends in this forum ..!
when i was looking around in the router default setting, i notice that in ip-firewall-nat rule there is this IPsec policy was configured as below ..-(see the attached picture)-
so what they mean by that ...? and does that important...? is it necessary to put it when we create a masquerade rule...?
You do not have the required permissions to view the files attached to this post.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: IPsec policy in default router setting  [SOLVED]

Sun Sep 04, 2022 5:01 pm

It's a condition saying that this rule will be used only when there's no existing IPSec policy for packet/connection. It's useful when you have IPSec tunnels, because otherwise you'd get srcnat not only for connections to internet (where you want it), but also for tunnelled connections to other sites (you don't want that, because changed source address would no longer match IPSec policy and connections would fail). If you don't use IPSec, then this condition is not needed.
 
User avatar
Techsystem
Member
Member
Topic Author
Posts: 337
Joined: Tue Dec 21, 2021 5:12 am

Re: IPsec policy in default router setting

Sun Sep 04, 2022 7:54 pm

realy appreciate youe anwer sob..! very satisfy with your explaination..!

Who is online

Users browsing this forum: kevinds, qadir52786 and 37 guests